Wed. Sep 23rd, 2020

Binary Blogger

Are you a 1 or a 0? News, Thoughts and Reviews

Information Security VS IT Security, They are Different


The IT world is built around acronyms, terms, phrases and sayings, and even though the definitions have a purpose, the lingo is used incorrectly more often than not. The main reason is that job postings, marketing publications and blog posts are written by people who do not have IT backgrounds. On the surface, interchanging one word may look the same, but it can change the definition greatly.

One of the broader pairs of terms that is constantly flipped back and forth is in the security space: Information Security and IT Security. On the surface it's security, and some places may be posting for IT Security folks while others are looking for Information Security folks, but the job descriptions and responsibilities don't match.

So what?

When you think about the people that are looking for new opportunities, reading blog posts for research or looking for new business partnerships, those people do have the IT background and experience. If you are not writing to them they will see that as a lack of knowledge, not take you seriously, and move on.

Here's the best way to differentiate Information Security and IT Security.

IT Security – Also known as Computer Security or Cybersecurity, it is the protection of the physical information systems from theft and from damage to hardware and software, and the prevention of disruption to services. It includes physical access controls, network access controls, and operational controls. Simply – Technical and tactical.

Information Security – Also known as InfoSec, it is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction. Where the information resides is irrelevant; InfoSec's scope is all information, whether stored on a system or in physical/paper form. Simply – Procedural and Strategic.

| Information Security | IT Security |
| --- | --- |
| Strategic | Tactical |
| Security Frameworks | Hardware Hardening |
| Policy Development | Incident Response |
| Security Awareness Training | Firewalls |
| Security Procedures | Antivirus |
| Business Continuity | IDS/IPS |
| Risk Analysis | Vulnerability Scans |
| Data Privacy | Penetration Testing |
| Regulatory Compliance | Access Controls |
| Governance Models | Network Security |
| Enterprise View | System View |
| Etc… | Etc… |

As you can see, Information Security and IT Security are not the same, and when the terms are used interchangeably the experienced IT communities will see right through that.

The distinction also comes into play in your Enterprise Security programs: skill sets, processes and the involvement of cross-functional departments all benefit from understanding where IT Security ends and Information Security begins, that is, which approaches are tactical and technical and which are procedural and strategic.

End of Line.
